According to the National Park Service, as many as 90 percent of wildland fires in the United States are caused by humans. Some human-caused fires result from campfires left unattended, the burning of debris, negligently discarded cigarettes, recreational vehicles, target shooting (including exploding rifle targets), and intentional acts of arson. The remaining 10 percent are started by lightning or lava.

As our population continues to grow, more and more people are building homes in places that were once pristine wilderness areas. Homeowners who build in remote and wooded areas must take responsibility for the way their buildings are constructed and the way they landscape around them.

Wildfire Mitigation Tips

Use Fire Resistant Building Materials – The roof and exterior structure of your home and other buildings should be constructed of non-combustible or fire-resistant materials. If wood siding, cedar shakes or any other highly combustible materials are used, they should be treated with fire retardant chemicals.

Landscape wisely – Plant fire-resistant shrubs and trees to minimize the spread of fire and space your landscaping so fire is not carried to your home or other surrounding vegetation. Remove vines from the walls of your home.

Use same mesh screen beneath porches, decks, floor areas and home itself. Also screen openings to attic and roof.

Soak ashes and charcoal briquettes in water for two days in a metal bucket.

Keep a garden hose connected to an outlet.

Have fire tools handy (ladder, shovel, rake, ax, etc.)

Put your address on all structures so it can be seen from the road.

Campfire Safety – Campfires are a common cause of brush fires or wildfires so please be careful when you’re out in deserts, mountains, or any other heavy vegetation areas.

NEVER leave a campfire burning – make sure it is completely out using plenty of water before leaving the area. Stir the coals around with a stick or log while pouring water over them to ensure all the coals get wet and they are no longer hot. Any hot coals left unattended can be easily ignited by wind since they can stay hot for 24 – 48 hours.

When building a campfire, always choose a level site, clear away any branches and twigs several feet from the fire, and never build a fire beneath tree branches or on surface roots. Also, build at least 10 feet (3 m) from any large rocks that could be blackened by smoke or cracked from a fire’s heat.

See your local Forest Service office or Ranger Station for more information on campfires and permits or visit www.fs.fed.us or www.pc.gc.ca

Teach kids – Explain to children that matches and lighters are TOOLS, not toys… and if they see someone playing with fire they should tell an adult right away. And teach kids how to report a fire and when to call 9-1-1.

Be ready to evacuate – Listen to local authorities and leave if you are told to evacuate.

DURING A WILDFIRE:

Listen – Have a radio to keep up on news, weather and evacuation routes.

Evacuate? – If you are told to leave – do so … and IF you have time also…

Secure your home – close windows, vents, all doors, etc.

Turn off utilities and tanks at main switches or valves.

Turn on a light in each room to increase the visibility of your home in heavy smoke.

See Mitigation tips above.

Head downhill – Fire climbs uphill 16 times faster than on level terrain (since heat rises) so always head down when evacuating the area.

Food & water – If you prepared ahead, you’ll have your Disaster Supplies Kit handy to GRAB & GO… if not, gather up enough food and water for each family member for at least 3 days or longer!

Be understanding – Please realize the firefighters main objective is getting wildfires under control and they may not be able to save every home. Try to understand and respect the firefighters’ and local officials’ decisions.

AFTER A WILDFIRE:

Don’t go there – Never enter fire-damaged areas until authorities say it’s okay and watch for signs of smoke or heat in case the fire isn’t totally out.

A recently discovered encryption flaw in OpenSSL — a software used by many popular social networking websites, search engines, banks, and online shopping sites to keep personal and financial data secure — has potentially exposed a majority of the internet. Not all secure sites use OpenSSL (a secure site typically has an “https://” prefix and a little padlock in the address line), but about 66% of websites do … so it’s a big deal.

The bug is called Heartbleedbecause it piggybacks on a feature called heartbeat and it affects specific versions of the widely-used OpenSSL cryptographic library. Basically an error that was missed over two years ago in the open OpenSSL encryption protocol allows a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys which may allow an attacker to decrypt traffic or perform other attacks.

In other words, if someone knew this bug existed, they could intercept usernames, passwords, credit card details, and other sensitive information from a website’s server in plain text. It also allowed for a server’s private encryption keys to be stolen. Once stolen, these keys can be used by criminals to decrypt data sent between a website’s server and a user of that website. And, since it leaves no trace, system administrators would have no clue they were breached.

Renowned security expert Bruce Schneier said of Heartbleed, “On a scale of 1 to 10, it is an 11.”

What kinds of devices are impacted..?

MIT Technology Review explains the Heartbleed flaw could live on for years in devices like networking hardware, home automation systems, and even critical industrial-control systems, because they are infrequently updated.

Cable boxes and home Internet routers are just two of the major classes of devices likely to be affected, says Philip Lieberman, president security company Lieberman Software. “ISPs now have millions of these devices with this bug in them,” he says. The same issue likely affects many companies, because plenty of enterprise-grade network hardware and industrial and business automation system also rely on OpenSSL, and those devices are also rarely updated.

Large-scale scans of Internet addresses have previously uncovered hundreds of thousands of devices — ranging from IT equipment to traffic control systems — that are improperly configured or have not been updated to patch known flaws. (See MIT’s 2013 article called “What happened when one man pinged the whole Internet” [i.e. 3.7 billion IP addresses] for some disturbing findings about these types of devices.)

So what does this mean to me..?

If you are a business, a developer or system administrator … upgrading to OpenSSL version 1.0.1g resolves this vulnerability, but realize SSL digital certificates are compromised too so they must be recertified. US-CERT recommends administrators and users review Vulnerability Note VU#720951 for additional information and mitigation details. There is also a way to disable the heartbeat handshake command (although it is best to upgrade) – visit http://heartbleed.com to learn more. Also … once your system is upgraded and recertified, businesses and site owners should notify all users the site is secure and encourage everyone to change their passwords as quickly as possible.

For everyone else … there’s not much we can do other than avoid the Internet (okay … so that’s not realistic) … but you can be proactive and verify all the sites you have accounts with are fixed and get ready to change passwords as explained below. As ZDNet writes… if your bank, favorite online merchant, email, cloud and/or software provider hasn’t fixed Heartbleed yet [or advised that their site didn’t use the buggy version], close your accounts and find new service providers.

What can I do to protect myself..?

Realize some sites don’t even use OpenSSL, others didn’t update to the 2012 version of SSL so they aren’t vulnerable, and many others have patched the Heartbleed flaw once it became known on April 7, 2014. And hopefully any and all websites impacted by this vulnerability notify users once their systems are updated and recertified and recommend everyone log on and change your passwords.

Yes, it is a pain and will be time-consuming, but you should get in the habit of changing passwords every few months anyway.

And realize there will be some scumbags who will take advantage of this Heartbleed scare so be on the lookout for phishing emails requesting you click a link to change your password. The best way to ensure the security and integrity of any of your accounts is to go directly to each website and log in there to manage your secure data.

Mashable has compiled a Heartbleed Hit List of sites possibly affected by this flaw and advises if you should change your password on sites like Facebook, Instagram, Tumbler, Google, Yahoo mail and more.

If you’re not sure if a site you use is vulnerable, visit https://www.ssllabs.com/ssltest/ to perform an analysis of the configuration of any SSL web server on the public Internet. (If everything’s green, it has probably been fixed.) Another tool you can use to check sites is http://filippo.io/Heartbleed/.

Also, if you use Chrome as your browser, they just released an app called Chromebleed that will test a site before you visit it and display a message if it’s affected by Heartbleed. (Note: Some early reviews weren’t so good so read description and reviews before installing.) But keep in mind these tools are just resources and may not be totally reliable.

The best solution is to visit each and every site you use that has sensitive information (e.g. banking, email, social media, etc.) to find out if they have posted a public statement or link about the Heartbleed issue — or maybe they weren’t even impacted or vulnerable — but hopefully they’ll say something online or in a newsletter.

If they don’t mention anything about Heartbleed, call, chat or email to ask if they had a problem with it. And if a site was fixed … you should change your password.

Many experts suggest the best thing to do is change all your passwords now. BUT… realize you may have to change some of them again since there may be some websites that are still buggy meaning the secure data is still vulnerable.

It’s totally your call, but it is wise to change your passwords often anyway … and you really should change them on any and all sites that have been patched.

Tips about passwords

DO NOT use the same password for all your accounts! And make sure all your email accounts have unique passwords since hackers with access to your email can visit other web sites (e.g. banks, Paypal, email providers, etc.) and submit a “forgot my password” request and intercept the email with the reset password.

Create long passwords (at least 8 characters long) using a combination of letters, numbers and special characters … change them often … and don’t share them with others. Consider using numbers or special characters in place of letters if using words, acronyms or phrases. For example, instead of using “ilovesunnydays” as a password, you could use “1loVe$unnyd@ys” to strengthen it.

Pet and family names are not good to use since hackers or criminals may have access to your personal data and/or your posts on Twitter, Instagram, Facebook, etc.

Don’t use the “remember my password” option on accounts that contain sensitive data (like credit card data, etc.) since 1) typing them every time can help you remember passwords … and 2) if your PC or handheld device got stolen the perp could potentially access your accounts.

Some people invest in password manager services and apps, such as LastPass, KeePass, PasswordBox and 1Password, which keep track of passwords and suggest especially strong ones. However, some security experts warn against creating a single point of potential failure with all your passwords, especially if the service stores your passwords in the cloud. PCMag has some tips on various password managers.

Also…

Make sure computers and all wireless devices have current anti-virus software and firewalls, schedule them to scan daily or weekly, and update virus patterns often. If you own or manage a business, encourage employees to protect their personal home devices too.

Set security preferences as high as possible on Internet browsers and anti-virus packages.

Although it is best to not open emails or attachments from unknown sources, that’s not always feasible – especially in the business world. But consider saving the attached files into a temporary directory and scan them before opening.

Like this:

America’s PrepareAthon! is a national community-based campaign for action to increase emergency preparedness and resilience through hazard-specific drills, group discussions, and exercises.

Ready.gov explains the goal of America’s PrepareAthon! is to build a more resilient nation by increasing the number of individuals who understand…

which disasters could happen in their community;

know what to do to be safe and mitigate damage;

take action to increase their preparedness;

and participate in community resilience planning.

Thespring and fall events are designed to encourage Americans topractice preparednessbefore an emergency or disaster strikes. For example, each year the Great ShakeOut earthquake drills encourage millions of people to physically practice what to do during an earthquake, and America’s PrepareAthon is modeled on the same principle. Participants must commit to take action and take at least one step (or more!) to prepare for a hazard they may face.

As mentioned above, the PrepareAthon! will occur twice a year — once in the spring and once in the fall — with the 2014 events planned on April 30 and September 30. Each event will concentrate on specific hazards and themes, but communities, organizations and families are encouraged to use the various resources throughout the year since disasters canhappen anywhere and anytime.

According to Ready.gov the first National Day of Action is scheduled for April 30, 2014 and will focus on taking actions to prepare for four specific hazards:

— Tornadoes

— Wildfires

— Floods

— Hurricanes

Agencies, organizations, businesses, schools and individuals can visit www.ready.gov/prepare and register to participate in America’s PrepareAthon! During the signup process organizers would like to know a few details about activities you are planning for the April call to action (similar to registering for ShakeOut events), plus you can join the National Preparedness Community to post events and network with others in the forum.

Also America’s PrepareAthon! organizers are providing customizable guides, social media tools and promotional materials for families and groups to use whether you just do the National Day of Action on 4/30 or hold drills or exercises year-round. The key is turning knowing into doing!

Additional Resources

In addition to the above and below links, consider learning more about FedHealth’s customizable disaster preparedness and first aid manual for your public outreach efforts too.

Our IT’S A DISASTER! book qualifies as community education on grants and provides about a $3 or $4-to-$1 return on matchsince we discount it up to 70% off list (or as low as $4.50 each) and customize it for free.

Or download some free preparedness topics from our It’s A Disaster! books … or visit your state or local Emergency Management, Health or Fire or Police or Sheriff department’s website to find local emergency information, safety tips and tools to help you and your loved ones get prepared.